The scam takes users to fake landing pages that ask for login information

Share

Shares

Copy Link

{copyShortcut} to copy
Link copied!

Updated: 11:03 AM EDT Mar 15, 2017

Hide TranscriptShow Transcript

WEBVTT SPENT TIME IN KANSAS PRISONS FOR SIMILAR CRIMES.THE FBI INVESTIGATING AFTER THE INDEPENDENCE SCHOOL DISTRICT IS HIT WITH AN E-MAILSCAM.>> KELLY, IS HE SURPRISEDED TO HEAR ABOUT ANOTHER BIG SECURITY BREACH?>> YES AND NO.HE KNOWS IT ONLY TAKES ONE MISTAKE TO CAUSE A LOT OF PROBLEMS.>> WE RESET THEIR ACCOUNT. >> JUSTINMALON HAS SEEN SO MANPHISHING SCAMS. >> AT TAX TIME ANYONE WITH FINANCIAL INFORMATION IS LIKELY TO BE A TARGET.UMKC GOT THIS AT THE MAIL A MONTH AGO SENT TO A TOP ADMINISTRATOR FROM SOMEONE POSING AS A STAFF MEMBER.HE SAYS ALWAYS BEEN SUSPICIOUS OF REQUESTS FOR INFORMATION OUT OF THE ORDINARY AND BE WARY OF E-MAILS OF SQUARE TACTICS LIKE -- SCARE TACTICS LIKE FINALNOTICE.BUFF CLICK ON ANY LINKS, PUT THECURSOR OVER IT.IT SHOULD REPRESENT WHERE AT THEMAIL CAME FROMTHIS LINK SAYS TOP STYLE.SECURITY IS GETTING IT 100% RIGHT ALL THE TIME.THE HACKER JUST HAS TO HAVE YOU FAIL ONCE.>> IT IS IMPORTANT TO VICE PRESIDENT ANTIVIRUS SOFTWARE.THAT WON'T PROTECT YOU FROM MOSTPHISHING SCAMS.YOU HAVE TO BE THE FIR LINE OFPROTECTION

Gmail users are falling for this 'fake attachment' phishing scam

The scam takes users to fake landing pages that ask for login information

A Gmail phishing scam continues to target users, tricking even internet-savvy account holders into handing over personal credentials. The campaign is extremely clever - it sends messages to recipients posing as friends or relatives, and then asks them to click on an attachment. Victims are then taken to a fake Google sign-in page that asks them to enter their login info.

The catch? The attachments aren't legit - they're fraudulent images created to look just like attachments that link to a counterfeit sign-in page.

Unfortunately, campaigns like this are happening more frequently - and they're getting more sophisticated. Hackers frequently trick people by sending emails from false addresses or using Photoshopped images that look like real browsers.

Even the locations of these virtual assaults are becoming increasingly difficult to track. Many breaches appear to be from servers in US data centers, but hackers are actually located overseas and are able to scramble their locations.